
Omiga-plus effective removal

Mateusz 935

Hello. Could someone check the logs?

OTL:

[spoiler][log]OTL logfile created on: 2014-12-30 15:22:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1014,43 Mb Total Physical Memory | 123,40 Mb Available Physical Memory | 12,16% Memory free
1,99 Gb Paging File | 0,95 Gb Available in Paging File | 47,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,04 Gb Total Space | 52,72 Gb Free Space | 74,20% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 35,24 Gb Free Space | 48,94% Space Free | Partition Type: NTFS

Computer Name: N110 | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe
PRC - [2014-12-18 09:51:14 | 003,667,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgui.exe
PRC - [2014-12-18 09:49:46 | 000,669,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgemcx.exe
PRC - [2014-12-18 09:47:42 | 001,071,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgnsx.exe
PRC - [2014-12-18 09:47:18 | 000,884,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2015\avgrsx.exe
PRC - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe
PRC - [2014-12-18 09:44:26 | 000,691,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe
PRC - [2014-12-06 02:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-03-30 12:48:17 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2014-03-18 12:45:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013-08-05 17:42:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
PRC - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-09-08 08:47:52 | 000,832,512 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009-09-07 19:42:04 | 000,093,184 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009-08-23 13:47:34 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe


========== Modules (No Company Name) ==========

MOD - [2014-12-06 02:50:51 | 014,913,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
MOD - [2014-12-06 02:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
MOD - [2014-12-06 02:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
MOD - [2014-02-10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014-02-10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2011-10-28 17:13:36 | 000,162,816 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\libbluray.dll
MOD - [2011-10-28 17:13:24 | 006,034,229 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MOD - [2011-10-28 17:13:24 | 000,962,568 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-lav-53.dll
MOD - [2011-10-28 17:13:24 | 000,221,581 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2011-10-28 09:00:00 | 003,578,880 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2011-05-28 14:47:00 | 000,127,376 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll
MOD - [2006-08-12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll


========== Services (SafeList) ==========

SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-12-18 16:05:58 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2014-12-09 09:51:34 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-10-01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-03-30 12:48:17 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2014-03-19 14:59:13 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2014-12-30 15:24:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014-12-08 21:25:06 | 000,208,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014-11-18 21:41:58 | 000,154,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014-10-13 09:58:21 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014-10-10 15:13:58 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014-10-05 20:42:06 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014-10-01 11:11:24 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014-10-01 11:11:10 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014-08-28 20:43:36 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014-07-18 14:55:24 | 000,230,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014-06-18 20:03:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014-06-18 20:03:34 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014-06-18 20:03:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014-03-30 12:48:28 | 000,186,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2014-03-30 12:48:28 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2014-03-30 12:48:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-03-30 12:48:27 | 000,089,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2014-03-30 12:48:27 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-03-30 12:48:27 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2014-03-30 12:48:26 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-12-12 19:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009-10-06 22:49:56 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2009-08-10 10:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009-08-06 09:34:28 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-12-12 10:09:25 | 000,000,000 | ---D | M]

[2014-03-18 10:03:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Extensions
[2014-12-30 11:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profileskjytwj5j.default\extensions
[2014-12-30 11:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profileskjytwj5j.default\extensions\staged
[2014-12-09 09:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-12-09 09:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdifnhiliocdiomkphonngpedadhinof\1.0.1_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\2.0.2_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{010EDF8C-597D-43AA-890D-E2BB6F6D2E09}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FAEA63B-1B66-4AB4-86EC-E65DD5AA0A23}: NameServer = 62.233.233.233 87.204.204.204
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7124C992-D094-459D-99BE-99EBC10D3D5F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD6D7D73-25E5-4841-A460-85FD57F607AB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5bab3835-e8bf-11e3-b708-00245407d247}\Shell - "" = AutoRun
O33 - MountPoints2\{5bab3835-e8bf-11e3-b708-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5bab3838-e8bf-11e3-b708-00245407d247}\Shell - "" = AutoRun
O33 - MountPoints2\{5bab3838-e8bf-11e3-b708-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aabd24c2-b800-11e3-ac7f-00245407d247}\Shell - "" = AutoRun
O33 - MountPoints2\{aabd24c2-b800-11e3-ac7f-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aabd24df-b800-11e3-ac7f-00245407d247}\Shell - "" = AutoRun
O33 - MountPoints2\{aabd24df-b800-11e3-ac7f-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-12-30 15:21:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2014-12-30 13:08:10 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014-12-30 13:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-12-30 13:07:07 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014-12-30 13:07:07 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014-12-30 13:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014-12-30 11:51:19 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.android
[2014-12-30 11:17:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WebTest
[2014-12-29 12:16:14 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2014-12-28 13:44:06 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\AVG2015
[2014-12-28 13:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014-12-28 13:43:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\TuneUp Software
[2014-12-28 13:42:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014-12-28 13:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[2014-12-28 13:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2014-12-28 13:36:16 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Avg2015
[2014-12-28 13:35:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\MFAData
[2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Avg2014
[2014-12-09 10:20:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\DO ASTRY H
[2014-12-09 09:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-12-08 21:25:06 | 000,208,152 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014-12-30 15:24:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014-12-30 15:24:47 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-12-30 15:07:39 | 000,740,672 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-12-30 15:07:39 | 000,654,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-12-30 15:07:39 | 000,156,214 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-12-30 15:07:39 | 000,122,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-12-30 15:03:30 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-12-30 14:59:48 | 000,030,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-12-30 14:59:48 | 000,030,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-12-30 14:53:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-12-30 14:51:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-12-30 14:51:49 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys
[2014-12-30 13:07:17 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-12-30 11:37:31 | 000,002,101 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-12-30 11:35:55 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-12-29 14:19:10 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-12-29 12:16:25 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2014-12-29 12:16:25 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2014-12-28 13:43:04 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014-12-18 16:05:58 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-12-18 16:05:58 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-12-18 00:01:37 | 000,023,552 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-12-08 21:25:06 | 000,208,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-12-30 13:07:17 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-12-29 12:15:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2014-12-29 12:15:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2014-12-28 13:43:04 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014-12-28 12:57:22 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-09-26 15:20:52 | 000,284,866 | ---- | C] () -- C:\Users\Mateusz\Wyrejestrowanie pojazdu.pdf
[2014-04-23 17:43:09 | 000,126,512 | ---- | C] () -- C:\Windows\Wiainst.exe
[2014-04-23 17:40:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\Ssusbpn.dll
[2014-04-23 17:40:55 | 000,577,536 | ---- | C] () -- C:\Windows\System32\SnMinDrv.dll
[2014-04-23 17:40:55 | 000,415,232 | ---- | C] () -- C:\Windows\System32\SNWIAUI.dll
[2014-04-23 17:40:55 | 000,135,168 | ---- | C] () -- C:\Windows\System32\SnImgFlt.dll
[2014-04-23 17:40:55 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SnErHdlr.dll
[2014-04-23 17:40:39 | 001,571,160 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2014-04-23 17:37:25 | 000,010,577 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\SmarThruOptions.xml
[2014-04-23 17:36:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SvcMan.exe
[2014-04-23 17:36:17 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll
[2014-04-23 17:35:44 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2014-04-23 17:35:37 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2014-03-19 17:02:07 | 000,023,552 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-03-18 11:26:38 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014-03-18 11:26:32 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014-03-18 11:26:32 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014-03-18 11:26:31 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014-03-18 10:03:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

========== ZeroAccess Check ==========

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014-12-28 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\AVG2015
[2014-09-26 15:12:11 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\com.efile.fillup
[2014-12-30 15:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2014-09-26 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\fillUp
[2014-03-18 11:34:48 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\IObit
[2014-10-13 10:00:32 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera Software
[2014-03-18 13:43:22 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Oracle
[2014-10-13 09:57:59 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\RHEng
[2014-04-23 17:48:15 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Samsung
[2014-04-23 17:37:30 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SmarThru4
[2014-12-28 13:43:03 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\TuneUp Software
[2014-12-30 15:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent
[2014-06-20 19:47:43 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\VOS
[2014-12-30 11:17:00 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\WebTest

========== Purity Check ==========



< End of report >
[/log][/spoiler]

Extras:

[spoiler][log]OTL Extras logfile created on: 2014-12-30 15:22:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1014,43 Mb Total Physical Memory | 123,40 Mb Available Physical Memory | 12,16% Memory free
1,99 Gb Paging File | 0,95 Gb Available in Paging File | 47,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,04 Gb Total Space | 52,72 Gb Free Space | 74,20% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 35,24 Gb Free Space | 48,94% Space Free | Partition Type: NTFS

Computer Name: N110 | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0012F0E7-3766-4AF3-AA65-8685995C6A5A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{083B597A-D8EB-40BA-96E3-80AE0C3BB45B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{08E54762-2463-4E36-BE3D-015F02B58D7C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{159E4E08-DA10-4D7F-810D-D158C81FB37C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{222A86B0-07B4-40FE-A13F-ABF9B0DAE1CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EF209A3-BF07-4DEF-B8F8-B92E843586A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{309FC4AC-71D9-44D1-BF83-76863DD98B65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31E0A532-6164-40E4-AB5E-467CE2A91C23}" = lport=2869 | protocol=6 | dir=in | app=system |
"{36E8388C-86FB-4DB2-9889-392B6758D8D4}" = rport=445 | protocol=6 | dir=out | app=system |
"{3F38DBD4-05FA-49AA-9F3D-A96421030012}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54BB1A42-27A9-412E-A239-D25F5CE217DB}" = lport=139 | protocol=6 | dir=in | app=system |
"{583426DF-F715-44D9-B5DE-F0B8C7AB5A89}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6306ECF8-42A8-499B-BC04-7B1FDE187F24}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{6AEB7F5A-0A20-4368-B265-2A419C876441}" = rport=139 | protocol=6 | dir=out | app=system |
"{6B007129-6DC6-4D13-A9F5-AF0AE400A0C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{765FFC4B-AC89-43CF-A340-A68D790ECF40}" = lport=138 | protocol=17 | dir=in | app=system |
"{82DD4CCD-6821-45DF-8E91-8CD0F425C017}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{971048D8-72C4-49B3-B192-CBBECDD17DC3}" = rport=138 | protocol=17 | dir=out | app=system |
"{BF3B29CC-802F-472B-8A68-1C837F2F24EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF9D6D1C-8579-41BC-B3AB-E61A09292DE5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7F08431-AF49-45E0-A875-96B55649F9E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DCB302D8-E2B9-430D-B398-7E26F59A805A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF9846CD-F684-4387-8D19-2A9BE2D89023}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{E6859EC0-E1BD-462C-9AD8-26A9119BA3DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ECDB0CD6-B22E-4B93-B6F9-EFB2574BB9AC}" = lport=445 | protocol=6 | dir=in | app=system |
"{FD0E61E4-7C6B-44A9-A658-E10AEB055503}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CE0D441-AD6F-4B5E-B31E-27553BFF668C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\scancdlm.exe |
"{0E7DC139-CA54-4127-B33C-1645FB40F4B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1B3D15FD-C13D-4A61-B963-11562FA49D22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1C02A1BC-BFC0-4CA5-83C9-337DB6929A0F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2316260A-48F0-41D4-AAFE-F04434FF0A41}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2DC9A7ED-C5AB-4ACF-A4FB-29F4F5139060}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe |
"{33CC2F68-A68F-4F78-98D7-691047F4E50E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{379E710B-7D82-4970-A624-8F92413D6398}" = protocol=6 | dir=out | app=system |
"{3FA6FDB1-C1A1-4D26-AAC1-D004F7641A3D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe |
"{4B0F67AE-BF11-4BFC-BE97-BDA0D8D18B0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FF9A677-10E8-450F-9700-E6954837F122}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51FB141E-2675-4C75-8E30-7EBE531190AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5462B4A1-ACB8-4D38-86E1-FD049EF591DA}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\scancdlm.exe |
"{57C2D9B4-A45C-4EA6-89E3-7B63B9180868}" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\utorrent\utorrent.exe |
"{5BFC9913-D750-4E3D-91F8-5ABDCDD51F3E}" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\utorrent\utorrent.exe |
"{636C7C26-76DC-4770-B65E-A83D4BCD526B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{810DF325-1CF3-4319-A9B7-4DBE2EBE570F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe |
"{8A17D415-F0FC-4330-968E-8682A7485016}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{97189800-FAB0-4144-8CFB-9210847468AF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe |
"{98384A26-EA5C-4578-BBAF-F3198F6C517E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E5702AF-33E2-4DB6-9E44-85EFEC2C6809}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A18E3690-552B-4521-9560-76558517CFBA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe |
"{AD28CD82-F184-4012-A419-64DB48357A4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C03D4AEF-978D-4959-BB87-8BA23AD43354}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe |
"{C1953295-044E-4290-A2AB-9E4B752A5305}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CAD99583-EBF1-45BF-9BE8-380F705968F5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCFA9D29-A6E1-4EBC-AC0B-60A7DB6F9DCB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CECCE4FC-24B9-4AAF-88E5-4551BEB20627}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D28871E2-3BA0-40AD-AE5B-86F58EF8A786}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe |
"{D7215B99-E72B-4F5D-839F-B586170ABE7C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E087933A-BD92-4006-B175-23049C3A88ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E6B5FFD5-926E-419D-91CC-A5777EDE9D71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EC34D631-C6B5-49F6-9FF6-5136FA5D2023}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1310822-BC93-4783-92A2-D06217A05834}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe |
"{F5FD8CDA-DDEE-4C9F-8BCF-6B208050042A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FD684887-5640-4A58-95FE-F86B70EE3006}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe |
"{FDCFB155-00CE-4C86-98F5-EF532CFEE757}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00CCF705-D246-4F7E-BA80-E1DB2C7EB365}" = AVG 2015
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2899E9E8-3A15-4333-9CE3-BFEF57889F50}" = AVG 2015
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{45535A5E-1F81-4F35-BE1D-43D10A7D03B4}" = Easy Resolution Manager
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885843E7-6CAC-4791-B7BF-1CD516017954}_is1" = DLL Suite 2013
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Polish
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4A8DDEF-CE67-4466-9A68-9C93D7322CEB}_is1" = fillUp Przyjazne formularze
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AVG" = AVG 2015
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.20
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Icy Tower v1.5.1_is1" = Icy Tower v1.5.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.3.1025
"Mozilla Firefox 34.0.5 (x86 pl)" = Mozilla Firefox 34.0.5 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 26.0.1656.60" = Opera Stable 26.0.1656.60
"PLAY ONLINE" = PLAY ONLINE
"Revo Uninstaller" = Revo Uninstaller 1.89
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"WinRAR archiver" = WinRAR 5.11 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2014-12-29 07:08:54 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-29 09:39:31 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-29 10:19:10 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-29 12:57:56 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-30 05:24:22 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-30 06:17:53 | Computer Name = N110 | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 34.0.5.5443,
sygnatura czasowa: 0x5475dd5d Nazwa modułu powodującego błąd: mozalloc.dll, wersja:
34.0.5.5443, sygnatura czasowa: 0x5475d664 Kod wyjątku: 0x80000003 Przesunięcie błędu:
0x00001425 Identyfikator procesu powodującego błąd: 0x15e8 Godzina uruchomienia aplikacji
powodującej błąd: 0x01d02419d6b33766 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Mozilla Firefox\plugin-container.exe Ścieżka modułu powodującego błąd: C:\Program
Files\Mozilla Firefox\mozalloc.dll Identyfikator raportu: 1d299501-900d-11e4-870b-00245407d247

Error - 2014-12-30 06:56:51 | Computer Name = N110 | Source = VSS | ID = 8194
Description =

Error - 2014-12-30 09:53:20 | Computer Name = N110 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-30 10:06:14 | Computer Name = N110 | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "F:\Mateusz\Portable\CCleaner
Portable\ccsetup410\CCleaner64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-12-30 10:18:21 | Computer Name = N110 | Source = Application Hang | ID = 1002
Description = Program OTL.exe w wersji 3.2.69.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 111c Godzina rozpoczęcia: 01d0243aac4dc15a Godzina zakończenia:
31 Ścieżka aplikacji: F:\OTL\OTL.exe Identyfikator raportu:

[ System Events ]
Error - 2014-12-29 12:56:57 | Computer Name = N110 | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 2014-12-29 12:56:57 | Computer Name = N110 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053

Error - 2014-12-29 12:57:48 | Computer Name = N110 | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 2014-12-30 05:23:03 | Computer Name = N110 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20

Error - 2014-12-30 05:23:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 2014-12-30 05:23:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053

Error - 2014-12-30 06:19:16 | Computer Name = N110 | Source = Service Control Manager | ID = 7034
Description = Usługa WindowsMangerProtect Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2014-12-30 09:52:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20

Error - 2014-12-30 09:52:29 | Computer Name = N110 | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 2014-12-30 09:52:29 | Computer Name = N110 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053


< End of report >
[/log][/spoiler]

 

I reset the browsers, changed the target paths and the start pages, and uninstalled this program along with all the extensions and add-ons associated with it. I used AVG, Malwarebytes and CCleaner, and nothing helped: this thing still shows up in Firefox and IE.

Zayfi
comment

That's all well and good, but the spoilers don't open. Paste the logs on wklej.org.

Zayfi
comment

There is no Omiga anywhere in the logs.

Mateusz 935
comment

I removed every program and add-on I could, and yet the start page in Firefox and IE is still Omiga. Manually changing the start page doesn't help, nor does resetting the browser; even removing the line responsible for Omiga in the properties didn't help.

Mateusz 935
comment

Reinstalling the browsers helped.
